Common use of Notice to DHCS Clause in Contracts

Notice to DHCS. 18.1.1 Business Associate shall notify DHCS immediately upon the discovery of a suspected breach or security incident that involves SSA data. This notification will be provided by email upon discovery of the breach. If Business Associate is unable to provide notification by email, then Business Associate shall provide notice by telephone to DHCS. 18.1.2 Business Associate shall notify DHCS within 24 hours by email (or by telephone if Business Associate is unable to email DHCS) of the discovery of: 18.1.2.1 Unsecured PHI if the PHI is reasonably believed to have been accessed or acquired by an unauthorized person; 18.1.2.2 Any suspected security incident which risks unauthorized access to PHI and/or other confidential information; 18.1.2.3 Any intrusion or unauthorized access, use or disclosure of PHI in violation of this Agreement; or 18.1.2.4 Potential loss of confidential data affecting this Agreement. 18.1.3 Notice shall be provided to the DHCS Program Contract Manager (as applicable), the DHCS Privacy Office, and the DHCS Information Security Office (collectively, “DHCS Contacts”) using the DHCS Contact Information at Section 18.6. below. 18.1.3.1 Prompt action to mitigate any risks or damages involved with the security incident or breach; and 18.1.3.2 Any action pertaining to such unauthorized disclosure required by applicable Federal and State law.

Notice to DHCS. 18.1.1 Business Associate shall notify DHCS immediately upon the discovery of a suspected breach or security incident that involves SSA data. This notification will be provided by email upon discovery of the breach. If Business Associate is unable to provide notification by email, then Business Associate shall provide notice by telephone to DHCS. 18.1.2 Business Associate shall notify DHCS within 24 hours by email (or by telephone if Business Associate is unable to email DHCS) of the discovery ofof the following, unless attributable to a treatment provider that is not acting as a business associate of Business Associate: 18.1.2.1 Unsecured PHI if the PHI is reasonably believed to have been accessed or acquired by an unauthorized person; 18.1.2.2 Any suspected security incident which risks unauthorized access to PHI and/or other confidential information; 18.1.2.3 Any intrusion or unauthorized access, use or disclosure of PHI in violation of this Agreement; or 18.1.2.4 Potential loss of confidential data information affecting this Agreement. 18.1.3 Notice shall be provided to the DHCS Program Contract Manager (as applicable), the DHCS Privacy Office, and the DHCS Information Security Office (collectively, “DHCS Contacts”) using the DHCS Contact Information at in Section 18.6. below. 18.1.3.1 Prompt action to mitigate any risks or damages involved with the security incident or breach; and 18.1.3.2 Any action pertaining to such unauthorized disclosure required by applicable Federal and State law.

Notice to DHCS. 18.1.1 Business Associate shall notify DHCS immediately upon the discovery of a suspected breach or security incident that involves SSA data. This notification will be provided by email upon discovery of the breach. If Business Associate is unable to provide notification by email, then Business Associate shall provide notice by telephone to DHCS. 18.1.2 Business Associate shall notify DHCS within 24 hours by email (or by telephone if Business Associate is unable to email DHCS) of the discovery ofof the following, unless attributable to a treatment provider that is not acting as a business associate of Business Associate: 18.1.2.1 Unsecured PHI if the PHI is reasonably believed to have been accessed or acquired by an unauthorized person; 18.1.2.2 Any suspected security incident which risks unauthorized access to PHI and/or other confidential information; 18.1.2.3 Any intrusion or unauthorized access, use or disclosure of PHI in violation of this Agreement; or 18.1.2.4 Potential loss of confidential data information affecting this Agreement. 18.1.3 Notice shall be provided to the DHCS Program Contract Manager (as applicable), the DHCS Privacy Office, and the DHCS Information Security Office (collectively, “DHCS Contacts”“DHCS Contacts”) using the DHCS Contact Information at in Section 18.6. below. 18.1.3.1 Prompt action to mitigate any risks or damages involved with the security incident or breach; and 18.1.3.2 Any action pertaining to such unauthorized disclosure required by applicable Federal and State law.